TERMS

1. Scope

1.1 Terms and Conditions. This Agreement (the "Agreement") sets forth the terms and conditions applicable to the licensing of ORGiD Software ("Product") from ORGiD ("ORGiD") by the Party subscribing to the license ("Customer"). The offer of a Product licence under this Agreement and the Customer's purchase of the corresponding Subscription constitutes each Party's respective acceptance of this Agreement.  Unless defined elsewhere in this Agreement, terms in initial capital letters have the meanings outlined in Section 13. The Customer and ORGiD may be referred to collectively as the "Parties" or individually as a "Party".

1.2 Product Subscription. ORGiD will fulfil the Subscription to the Customer based on the pricing and terms referenced in the ORGiD Customer Portal hosted by Stripe's "Subscription Pricing Schedule." A Subscription and the corresponding purchase transaction shall be for a license to use the Product deployed as a Cloud Service hosted in ORGiD's Computing Environment.

1.3 Agreement. Each Subscription is subject to and governed by this Agreement, with a Subscription Pricing Schedule attached or referenced, and any amendments to any of the foregoing as may be agreed in writing upon by the Parties, constituting the Agreement between the Customer and ORGiD. Each Subscription is a separate Agreement between the Customer and ORGiD.

2. Licensed Product

2.1 Grant of License. 

2.1.1 ORGiD hereby grants to the Customer and each Affiliate of the Customer who purchases a Subscription under this Agreement during the Term of each Subscription, subject to Section 2.1.2, a nonexclusive, worldwide (subject to Section 12.4), non-transferable (except in connection with an assignment permitted under Section 12.2), non-terminable (except as provided in Section 10) license to use the Product "Licensed Product", to access and use the Product via the Cloud Service and to allow its Users to access and use the Product through the Cloud Service, per this Agreement.

The Licensed Product enables the Customer to manage ID card records that can be installed, displayed, and used by individual Users within their ID Wallet ("Digital ID Cards"). The range of available actions within the Licensed Product depends on the Customer's Subscription level and may include, but is not limited to:

(A) Designing Digital ID Card templates,

(B) Creating, updating, and archiving ID Card records,

(C) Issuing Digital ID Cards to Users,

(D) Communicating with Users through in-app messaging,

(E) Creating Campaigns and Special Offers for Users, and

(F) Integration with 3rd party services.

2.1.2 The Customer and each Affiliate with a Product Subscription under this Agreement may use the Licensed Product only to support its operations, in connection with the Customer's products and services, and/or in connection with the Customer's interactions with Users.

2.1.3 The Customer may make a reasonable number of copies of the Documentation necessary to use the Licensed Product under the rights granted under this Agreement, provided that the Customer does not remove any proprietary legends and other notices from such copies. ORGiD retains all rights not expressly granted to the Customer under this Agreement.

2.2 Affiliates and Contractors. With respect to Affiliates and Contractors that the Customer allows to use the Licensed Product under this Agreement: (a) The Customer remains responsible for all obligations hereunder arising in connection with such Affiliate's or Contractor's use of the Licensed Product; and (b) The Customer agrees to be directly liable for any act or omission by such Affiliate or Contractor to the same degree as if the act or omission were performed by the Customer such that a breach by an Affiliate or a Contractor of the provisions of this Agreement will be deemed to be a breach by the Customer. The performance of any act or omission under this Agreement by an Affiliate or a Contractor for, by or through the Customer will be deemed the act or omission of the Customer.

2.3 Restrictions.

2.3.1 Except as expressly permitted by this Agreement, the Customer will not (and will not allow anyone else to):

(i) Reverse engineer, decompile, or attempt to discover any source code or underlying ideas or algorithms of the Licensed Product or Product, except to the extent that Applicable Laws expressly permit such activity;

(ii) Provide, sell, transfer, sublicense, lend, distribute, rent, or otherwise allow others to access or use the Licensed Product;

(iii) Remove any proprietary notices or labels from the Licensed Product;

(iv) Copy, modify, or create derivative works of the Licensed Product;

(v) Interfere with the operation of, cause performance degradation of, or circumvent access restrictions of the Licensed Product;

(vi) Access accounts, Information, data, or portions of the Licensed Product to which the Customer does not have explicit authorisation;

(vii) Use the Licensed Product to develop a competing service or Product;

(viii) Use the Licensed Product for any activity that violates Applicable Laws;

(ix) Use the Licensed Product to obtain unauthorised access to anyone else's networks or equipment;

(x) Upload, submit, or otherwise make any Customer Content available to the Licensed Product to which the Customer, its Agents, and Users do not have the proper rights.

2.4 No Additional Terms. No shrink-wrap, click-acceptance, third-party integration, purchase order, or other terms and conditions outside this Agreement provided by the Customer will be binding on ORGiD unless agreed in writing as an amendment to this Agreement. Any such Additional Terms will be of no force or effect and will be deemed rejected in their entirety.

3. Services

3.1 Cloud Service. ORGiD will provide the Licensed Product to the Customer as a Cloud Service promptly following the purchase of the Subscription and continuing until termination of the Subscription under Section 10. ORGiD will provide the Customer with all access credentials necessary to access and use the Licensed Product via the Cloud Service. The Customer may use the Licensed Product from the Cloud Service and use the credentials to access and use the Licensed Product only if the Customer complies with the terms herein.

3.2 Support Services. ORGiD will make Documentation concerning the use and operation of the Licensed Product available to the Customer and provide Support Services to the Customer as described, incorporated, or referenced in the SLA, if applicable.

3.3 Hosting. The Customer acknowledges that ORGiD uses a Cloud Infrastructure Provider to process and host the Cloud Service provided under this Agreement. The Customer consents to the storage of Customer Data in the Cloud Infrastructure Provider Region offered by ORGiD and its use of the Cloud Infrastructure Provider's infrastructure and services to process Customer Data and provide ORGiD's Cloud Service.

3.4 Service Level. During the Term of this Agreement, ORGiD commits to maintaining the Cloud Service so that it performs as specified in this Agreement at a minimum (hereafter "Basic Service Level") 99% of the time each calendar month (on a 24x7x365 basis), excluding scheduled maintenance, unscheduled emergency maintenance, or for reasons beyond ORGiD's reasonable control (hereafter "Availability"). Notwithstanding any provisions of this Agreement to the contrary, the Customer may terminate this Agreement if the Cloud Services Availability falls below 95% three (3) or more times during each Term. The Customer may subscribe to maintenance notification emails from ORGiD, which will inform the Customer of scheduled service disruptions before they occur. The Customer and any Member with a Subscription to the Licensed Product under this Agreement may also subscribe to a paid Service Level Agreement ("SLA"), and if the Cloud Service does not meet the SLA level subscribed to, ORGiD will provide the remedies outlined in the SLA instead of the remedies provided in this Section 3.4.

3.5 User Accounts. The Customer is responsible for all actions taken on their Users' accounts and for each User's compliance with this Agreement. The Customer must require their Users to protect the confidentiality of their passwords and login credentials. The Customer will promptly notify ORGiD if it suspects or knows of any fraudulent activity with its accounts, passwords, or credentials or if they become compromised.

3.6 Enhancements. ORGiD shall make no changes to the Product during the Term which will diminish the utility of the Licensed Product for the Customer's authorised use. Notwithstanding the foregoing, ORGiD may make any change or enhancement to the Product to prevent service interruptions, enhance the quality or delivery of the Product or Service, so that it is non-infringing a patent, or as required to ensure compliance with any Applicable Laws or security obligations.

3.7 Professional Services. ORGiD shall provide Professional Services as a paid service described in a statement of work("SOW") if the Parties agree. The procurement of Professional Services will set forth (a) the Professional Services to be performed, (b) any specifications or other requirements, (c) applicable fees, (d) any assumptions or conditions, and (e) any other terms mutually agreed upon by the parties. ORGiD will retain all rights, titles and interests in and to the Professional Services performed on its Licensed Product (including any intellectual property rights therein), and the Customer will retain all rights, titles and interests in and to the Customer Data, the Professional Services performed on its Customer Data and/or all derivative works thereof. The Customer's usage rights to the results of such Professional Services shall be the same as the rights granted under the Agreement concerning the Service to which such Professional Services pertains.

4. Proprietary Rights

4.1 Licensed Product. Subject to the licenses granted herein, ORGiD will retain all rights, titles and interests it may have in and to the Licensed Product, including all Proprietary Rights therein, whether developed before or after the Effective Date. Nothing in this Agreement will be construed or interpreted as granting to the Customer any rights of ownership or any other Proprietary Rights in or to the Licensed Product or any Proprietary Rights therein.

4.2 Feedback. The Customer or the Customer's Affiliates may, at its option, provide suggestions, ideas, enhancement requests, recommendations or Feedback regarding the Licensed Product or Support Services ("Feedback"), provided, however, that Feedback does not include any Proprietary Rights of the Customer or the Customer's Affiliates or any Customer Data or Customer Materials. ORGiD may use and incorporate Feedback in its products and services without compensation or accounting to the Customer, provided that neither ORGiD nor its use of the Feedback identifies the Customer as the source of such Feedback. Feedback is not confidential to the Customer. The Customer will have no obligation to provide Feedback, and all Feedback is provided by the Customer "as is" and without warranty.

5. Warranties

5.1 Licensed Product. ORGiD represents and warrants that:

(a) The Product will conform, in all material respects, to this Agreement during the Subscription Term.

(b) It will use industry standard practices designed to detect and protect the Product against all applicable vulnerabilities which pose a risk to the Licensed Product and any viruses, "Trojan horses", "worms", spyware, adware, or other harmful code designed or used for unauthorised access to or use, disclosure, modification, or destruction of Information within the Product, or interference with or harm to the operation of the Product or any systems, networks, or data. This includes regularly scanning the Product for malware and other security vulnerabilities with up-to-date scanning software.

(c) The Licensed Product, and the Customer's use thereof as permitted under this Agreement, will not be subject to any license or other terms that require any Customer Data, Customer Materials, or any software, Documentation, Information, or other materials integrated, networked, or used by the Customer with the Product, in whole or in part, to be disclosed or distributed in source form, licensed to make derivative works or redistributable.

5.2 Support Services. ORGiD represents and warrants that any Support Services will be performed in a professional manner with the level of care, skill, and diligence expected of experienced and knowledgeable professionals performing similar services.

5.3 Remedies. If any Product or Service fails to conform to the foregoing warranties, ORGiD will promptly, at its expense, correct the Product and re-perform Services as necessary to conform to the warranties. If ORGiD does not correct the Product or re-perform Services to conform to the warranties within a reasonable time, not to exceed 30 days (the "Cure Period"), as the Customer's sole remedy and ORGiD's exclusive liability (without affecting any other rights or remedies available to the Customer provided in Section 9), the Customer may, for a period of 30 days following the conclusion of the Cure Period, elect to terminate the Subscription and this Agreement without further liability. Upon such termination, ORGiD will provide the Customer with a refund of any Fees prepaid to ORGiD, prorated for the portion of the Subscription unused at the time the Customer reported the breach of warranty to ORGiD, as well as, if applicable, any service credits available under this Agreement.

5.4 Warranty Exclusions. ORGiD will have no liability or obligation concerning any warranty to the extent the breach of such warranty is as a direct result of any:

(a) Use of the Product by the Customer in violation of this Agreement or applicable Law;

(b) Modifications to the Licensed Product not provided by ORGiD or its Personnel;

(c) Use of the Product by the Customer in combination with third-party equipment not sold or third-party software not licensed to the Customer by ORGiD under this Agreement;

(d) Use by the Customer of the Product in conflict with this Agreement, to the extent that such nonconformity would not have occurred without such non-conforming use by the Customer.

5.5 Compliance with Laws. Each Party represents and warrants that it will comply with all Applicable Laws in its performance under this Agreement. Any collection, use, storage, processing, or transfer of Personal Data by ORGiD will be undertaken at the Customer's instruction, and the Customer shall only provide instruction in compliance with all Applicable Laws, including without limitation all Data Protection Laws and Regulations governing the collection, maintenance, transmission, dissemination, use, and destruction of Personal Data.

5.6 Power and Authority. Each Party represents and warrants that:

(a) It has full power and authority to enter into and perform this Agreement and that the execution and delivery of this Agreement have been duly authorised.

(b) This Agreement and such Party's performance hereunder will not breach any other agreement to which the Party is a party or is bound or violates any obligation owed by such Party to any third party.

(c ) It has all the rights in relation to the Product, Services and Documentation that are necessary to grant all the rights that it purports to grant under, and in accordance with, the terms of this Agreement.

5.7 Disclaimer. EXCEPT FOR THE WARRANTIES SPECIFIED IN THIS AGREEMENT, NEITHER PARTY MAKES ANY WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, REGARDING THE LICENSED PRODUCT, SERVICES, CUSTOMER MATERIALS AND CUSTOMER DATA, AND EACH PARTY HEREBY DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION, WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. ORGiD does not warrant (a) that the Licensed Product will meet the Customer's requirements or (b) that the operation of the Product will be uninterrupted or error-free.

5.8 Additional Warranties. ORGiD warrants and represents that:

(a) ORGiD has and will maintain all licenses, consents, and permissions necessary for performing its obligations under this Agreement during the Term.

(b) The Licensed Product and the Services will comply with all applicable terms and conditions of the Third Party Services listed in the Product Addendum, to the extent such terms and conditions are necessary for performing ORGiDs obligations herein.

6. Confidentiality

6.1 Confidential Information. "Confidential Information" means any non-public information directly or indirectly disclosed by either Party (the "Disclosing Party") to the other Party (the "Receiving Party") or accessible to the Receiving Party pursuant to this Agreement that is designated as confidential or that, given the nature of the Information or the circumstances surrounding its disclosure, reasonably should be considered as confidential, including without limitation technical data, trade secrets, know-how, research, inventions, processes, designs, drawings, strategic roadmaps, product plans, product designs and architecture, security information, marketing plans, pricing and cost Information, marketing and promotional activities, business plans, customer and supplier information, employee and User information, business and marketing plans, and business processes, and other technical, financial or business Information, and any third party information that the Disclosing Party is required to maintain as confidential. Confidential Information will not, however, include any information which: (a) was publicly known or made generally available to the public before the time of disclosure; (b) becomes publicly known or generally made available after disclosure through no fault of the Receiving Party; (c) is in the possession of the Receiving Party, without restriction as to use or disclosure, at the time of disclosure by the Disclosing Party; (d) was lawfully received, without restriction as to use or disclosure, from a third party (who does not have an obligation of confidentiality or restriction on use itself); or (e) is developed by the Receiving Party independently from this Agreement and without the use of or reference to the Disclosing Party's Confidential Information or Proprietary Rights. Except for rights expressly granted in this Agreement, each Party reserves all rights in and to its Confidential Information.

6.2 Confidential Obligations. The Parties will maintain as confidential and will avoid disclosure and unauthorised use of Confidential Information of the other Party using such precautions and with the same degree of care that a prudent person would exercise to protect its confidential Information of a like nature, and to prevent the unauthorised, negligent, or inadvertent use, disclosure, or publication thereof or access thereto. Each Party may only disclose the other Party's Confidential Information to those of its employees, officers, representatives, contractors, subcontractors and advisers ("Representatives") who need to know such Confidential Information for the Permitted Purpose, provided that (a) it informs such Representatives of the confidential nature of the Confidential Information before disclosure; and (b) it procures that its Representatives shall, in relation to any Confidential Information disclosed to them, comply with the obligations set out in this clause as if they were a party to this Agreement, and at all times, it is liable for the failure of any Representatives to comply with the obligations set out in this Section 6. Except as necessary for the proper use of the Product, the exercise of a Party's rights under this Agreement, the performance of a Party's obligations under this Agreement or as otherwise permitted under this Agreement, neither Party will use Confidential Information of the other Party for any purpose except in fulfilling its obligations or exercising its rights under this Agreement. Each Party will promptly notify the other Party if it becomes aware of any unauthorised use or disclosure of the other Party's Confidential Information and reasonably cooperate with the other Party in attempts to limit disclosure.

6.3 Compelled Disclosure. A Receiving Party may disclose Confidential Information to the extent required by Law, including regulatory requirements, discovery request, subpoena, court order or governmental action, provided that it will give reasonable prior notice to the extent permitted by Applicable Law (and where applicable Law does not allow prior notice, notice will be given as soon as the Receiving Party is legally permitted) to the Disclosing Party to permit the Disclosing Party to intervene and to request protective orders or confidential treatment therefor or other appropriate remedy regarding such disclosure. Disclosure of any Confidential Information under any legal requirement will not be deemed to render it non-confidential, and the Receiving Party's obligations concerning Confidential Information of the Disclosing Party will not be changed or lessened by any such disclosure. Notwithstanding any provisions herein, if the Customer is a government agency or entity, the Customer will comply with all Laws applicable to it concerning disclosure of public Information.

6.4 Bribery. A Party subject to anti-bribery laws may, provided it has reasonable grounds to believe that the other Party is involved in an activity that may constitute the criminal offence of Bribery, disclose applicable Confidential Information only to the extent necessary to inform the applicable Regulator's Office of the alleged Bribery without first informing the other Party of such disclosure.

7. Service Obligations and Responsibilities

7.1 Acceptable Use. Restrictions on Sensitive Information.

7.1.1 The Customer will not intentionally use the Product or Cloud Service to: (a) store, download or transmit infringing or illegal content, or any viruses, "Trojan horses", or other harmful code; (b) engage in phishing, spamming (meaning the unsolicited sending of any electronic communications without the implied or express consent of the recipient), denial-of-service attacks or fraudulent or illegal activity; (c) interfere with or disrupt the integrity or performance of the Product or data contained therein or on ORGiD's system or network or circumvent the security features of the Product; or (d) perform penetration testing, vulnerability testing or other security testing on the Product or otherwise attempt to gain unauthorised access to the Product or any of ORGiD's systems or networks.

7.1.2 Sensitive Data. The Customer may not use the Cloud Services to store or process Sensitive Data unless ORGiD has specifically purchased a Cloud Service Subscription designed to be used with Sensitive Data. For this Agreement, "Sensitive Data" means:

(1) Special categories of data enumerated in applicable Data Protection Laws, including European Union Regulation 2016/679, Article 9(1) or any successor legislation;

(2) Patient, medical, or other protected health information regulated by the Health Insurance Portability and Accountability Act (as amended and supplemented) ("HIPAA");

(3) Credit, debit, or other payment card data, including bank account numbers (except for the Customer's payment card data to make payments to ORGiD);

(4) Social Security numbers, driver's license numbers, or other government identification numbers;

ORGiD shall have no additional responsibility for storing Sensitive Data where the Cloud Service Subscription is not designed and approved to store such Sensitive Data.

7.1.3 ORGiD may suspend the Customer's or a User's right to access or use any portion or all of the Cloud Service immediately upon notice to the Customer (a) if ORGiD, after reasonable due diligence given the nature and severity of the issue, reasonably determines that: (i) The Customer or a User's misuse of the Cloud Service poses a material risk to the security or operation of ORGiD's systems, the Cloud Service or the systems or data of any other customer, or (ii) The Customer or a User's use of the Cloud Service violates this Section 7.1 or is illegal or fraudulent; or (b) The Customer fails to pay any undisputed Fees within 30 days after notice of past due amounts in accordance with section 12. To the extent reasonably practicable, ORGiD will limit the suspension of the Cloud Service according to subsection (a) as needed to mitigate the applicable risk. ORGiD will promptly restore the Cloud Service to the Customer upon resolution of the issue and/or payment of the outstanding amounts (as applicable).

7.2 Customer Data and Customer Materials

7.2.1 The Customer is and will continue to be the sole and exclusive licensee, permitted User or owner of and will retain all rights, title and interest it may have in and to the Customer Materials, Customer Data and other Confidential Information of the Customer, including all Proprietary Rights therein. Nothing in this Agreement will be construed or interpreted as granting to ORGiD any rights of ownership or any other Proprietary Rights in or to Customer Data, Customer Materials or Confidential Information of the Customer.

7.2.2 The Customer will obtain all necessary consents, authorisations, and rights and provide all necessary notices and disclosures to provide Customer Data to ORGiD and for ORGiD to use Customer Data in the performance of its obligations in accordance with the terms and conditions of this Agreement, including any access or transmission to third parties with whom the Customer shares or permits access to Customer Data.

7.2.3 The Parties agree that Customer Data and Customer Materials are Confidential Information of the Customer. The Customer hereby grants to ORGiD a nonexclusive, non-transferable (except in connection with an assignment permitted under Section 12.2), revocable license, under all Proprietary Rights, to reproduce and use Customer Materials and Customer Data solely for, and to the extent necessary for, performing ORGiD's obligations under this Agreement. In no event will ORGiD access, use, or disclose to any third party any Customer Data or any Customer Materials for any purpose other than as necessary to provide the Product and Services to the Customer and perform its obligations under this Agreement. ORGiD will not aggregate, anonymise or create any data derivatives of Customer Data other than as necessary to provide the Licensed Product and Services and perform its obligations per this Agreement's terms and conditions.

7.2.4 During the Term, the Customer will have the right to review and delete the Customer Data made accessible in the Licensed Product's user interfaces or, upon request for Professional Services, receive an export specific Customer Data, including any derivatives of Customer Data which may not be accessible in the Licensed Product's user interfaces. The Customer can request the deletion of any Customer Data except for any Customer Data contained in certain logs and encrypted backups, which are deleted automatically based on ORGiD data retention policy to conform with Applicable Law.

7.3 System Data. To the extent that System Data identifies or permits, alone or in conjunction with other data, identification, association, or correlation of or with the Customer, its Members, Users, clients, suppliers or other persons interacting with the Customer and its Members through the Licensed Product, or any Confidential Information of the Customer or any device used to access or use the Licensed Product as originating through or interacting with the Customer or its Members ("Identifiable System Data"), ORGiD may only collect and use Identifiable System Data internally to administer, provide and improve the Product and Services under this Agreement. Without limiting the generality of the foregoing, ORGiD shall only process Identifiable System Data as a Data Processor, ORGiD, or equivalent, as such terms are defined in the applicable Data Protection Law.

7.4 Use of Other Data. Nothing in this Agreement will restrict: (a) ORGiD's use of it's System Data or data derived from System Data that does not include any Proprietary Rights of the Customer and does not identify or permit, alone or in conjunction with other data, identification, association, or correlation of or with (i) the Customer, its Members, Users, clients, suppliers or other persons interacting with the Customer and its Members using the Product through the Cloud Service or any Confidential Information of the Customer disclosed to ORGiD, or (ii) any device (e.g. computer, mobile telephone, or browser) used to access or use the Product as originating through the Customer or its Members or interacting with the Customer or its Members; or (b) either Party's use of any data, records, files, content or other Information related to any third party that is collected, received, stored or maintained by a Party independently from this Agreement.

7.5 Security. ORGiD warrants and represents to the Customer that it shall, consistent with industry-standard practices, implement and maintain a security program: (a) to maintain the security and confidentiality of Customer Data and (b) to maintain the availability and integrity of Customer Data and to protect Customer Data from known or reasonably anticipated threats or hazards to its security, including accidental loss, unauthorised use, access, alteration or disclosure.

7.5.1 Security Program. ORGiD warrants and represents to the Customer that its information security program will include (a) appropriate administrative controls, such as communication of applicable information security policies and information security and confidentiality training; (b) physical security of facilities where Customer Data is processed or stored, including locked doors and keys/key cards to access such facilities; (c) controls to limit access to ORGiD's systems and Customer Data, including a password policy for Personnel that access Customer Data; and (d) regular testing and evaluation of the effectiveness of the security program.

7.5.2 Systems Access. ORGiD warrants and represents to the Customer that it will (a) safeguard Customer Data in a controlled environment consistent with industry standards; (b) establish, maintain and enforce the security access principles of "segregation of duties" and "least privilege" concerning Customer Data; (c) maintain a list of systems where Customer Data is processed and stored and maintain a list of Personnel who have access to those systems; (d) have in place industry standard policies and processes to limit access to Customer Data, including a requirement that a unique individual user-id will be used for each User that accesses Customer Data and user ids must not be shared; and (e) require that all Personnel use strong passwords.

7.5.3. Data Storage. ORGiD warrants and represents to the Customer that it will implement and maintain (a) logical separation of Customer Data from ORGiD's data and third-party data; (b) encryption of Customer Data at rest and in transit to or from computing environments owned or operated by or for ORGiD to support the Cloud Service using industry-standard encryption methods; and (c) specific controls to ensure that ORGiD has and enforces two-factor authentication for any remote connection to ORGiD systems that access Customer Data.

7.5.4 Data Destruction. Without prejudice to Section 7.2.4, ORGiD represents and warrants that it will not retain Customer Data for longer than commercially required to complete its obligations under this Agreement after the expiration or termination of the Agreement, except as provided in the Agreement or by Law. All Customer Data deleted by ORGiD will be securely and permanently deleted following industry standards related to data destruction and media sanitation.

7.5.5 Logging. ORGiD will maintain certain logs and records for industry-standard retention periods, which enable ORGiD to audit each User's access to Customer Data, including (i) logging successful and unsuccessful sign-on attempts and (ii) audit trails that capture specific activity and actions performed within the Licensed Product during a User's session.

7.5.6 Personnel. Access to Customer Data will be restricted to authorised Personnel and provided only on a need-to-know basis. Personnel having access to Customer Data will be bound by a written agreement with ORGiD with requirements and restrictions no less than those set forth herein. Each Personnel must pass a background check consistent with industry standards before accessing Customer Data. Personnel who fail to adhere to applicable information security policies will be subject to disciplinary processes. ORGiD will provide information security and confidentiality training to all Personnel authorised by ORGiD to access Customer Data. Such training will be: (i) consistent with industry standards; (ii) designed, at a minimum, to educate all such Personnel on maintaining the security, confidentiality and integrity of Customer Data; and (iii) be provided no less than annually. ORGiD will have in place a process by which authorised Personnel and other User accounts are created and deleted securely and timely.

7.5.7 Business Continuity. ORGiD will maintain plans and risk controls, consistent with industry standards, for the continuity of its performance under this Agreement ("Business Continuity Plan"), which will include safeguards to resume the Cloud Service within a specified time, and recover and make available Customer Data with not more than a specified period of data loss after any significant interruption or impairment of operation of the Cloud Service. ORGiD will implement backup procedures to accomplish its specified recovery point objective. ORGiD will review its Business Continuity Plan regularly and update it in response to changes within its company and industry standards.

7.5.8 Reports, Risk Assessments and Audits. ORGiD will have retention policies for reports, logs, audit trails, and any other related documentation related to industry standards. Subject to the Fees outlined in the Subscription or Professional Service, whichever is applicable, and upon request by the Customer, ORGiD will complete and respond to the Customer's reasonable security questionnaires and/or self-assessment security compliance reviews and will cooperate with and provide the Customer's third party auditor with access to, and the right to inspect and audit, all records and systems relating to (i) the collection, processing, or transfers of data relating to Customer Data and (ii) the information security program used by ORGiD to secure Customer Data. ORGiD will conduct regular industry-standard penetration testing or other appropriate security testing and security assessments that verify its security program. ORGiD will promptly remedy material issues identified from the testing and audits.

7.6 Data Protection Legislation.

7.6.1 Each Party shall comply with all applicable Data Protection Laws and any implementations of such Laws concerning its performance under this Agreement. The Parties acknowledge and agree that they will consider implementing any codes of practice and best practice guidance issued by relevant authorities in good faith as they apply to applicable country-specific Data Protection Laws or their implementations.

7.6.2 Without limiting the generality of the foregoing, ORGiD and the Customer shall agree to the terms and conditions of the attached Data Processing Addendum. The Customer represents and warrants it will not transfer Personal Data to ORGiD under this Agreement unless such transfer is in full compliance with all applicable Data Protection Laws and will be responsible for the liabilities related to such transfer due to its own act or omission or to the extent such transfer continues after becoming notified by ORGiD of its material non-conformance.

7.6.3 ORGiD represents and warrants that the Product complies with all Applicable Data Protection and Privacy Laws and contains all functionality to enable the Customer to use the Product in compliance with the Customer's obligations under the Data Protection Laws and Regulations (as defined in the Data Processing Addendum) and the Privacy and Electronic Communications Regulations and any laws or regulations implementing Privacy and Electronic Communications Regulations (including any judicial or administrative interpretation of any of the same and any guidance, guidelines, codes of practice, approved codes of conduct or approved certification mechanisms issued from time to time).

7.6.4 Without limiting the generality of Section 7.6.1, if the Customer's use of the Licensed Product becomes, or in either Parties opinion, is likely to become in violation of the Data Processing Addendum or Section 7.6.3 that would prohibit or interfere with the Customer's use of the Licensed Product under this Agreement, then ORGiD will at its option either: (a) modify or replace the affected Licensed Product at its sole expense so that the modified or replacement Licensed Product is longer at risk of being in violation with an applicable Data Protection Law and is reasonably comparable in functionality, interoperability, and levels of performance; or (b) notify the Customer of it cannot accomplish Section 7.6.3(a) in a commercially reasonable manner and offer the Customer new Subscription pricing reflecting either the increased costs of compliance or the decreased functionality, interoperability, or level of performance, whichever applicable. If, in such circumstances, the Parties cannot accomplish any of the foregoing actions on a commercially reasonable basis, either Party may terminate this Agreement for cause with 30 days' notice, in which case ORGiD will refund to the Customer any fees prepaid to ORGiD by the Customer prorated for the unused portion of the Subscription.

7.7 Remedies. Each Party agrees that in the event of a breach or threatened breach of this Section 7, the non-breaching Party will be entitled to injunctive relief against the breaching Party and any other remedies to which the non-breaching Party may be entitled.

7.8 Data Security Breach Notification.

7.8.1 ORGiD will notify the Customer promptly (but in any event no more than 24 hours) upon discovery and verification of any data security breach involving Customer Data transferred to or processed by ORGiD or the Cloud Service ("Security Incident") and will cooperate with the Customer in every reasonable way to prevent any further compromise, unauthorised use or disclosure. ORGiD will document the responsive actions taken in connection with any Security Incident and conduct a post-incident review of actions taken to make changes in business practices relating to its security program. ORGiD will provide the Customer with regular updates regarding the internal investigation of each Security Incident, and upon request, ORGiD will provide summary information to the Customer.

7.8.2 ORGiD will be responsible for its costs related to or arising from investigating and responding to each Security Incident unless such Security Incident resulted from the Customer, a Member's or a Representative's actions, inaction, instructions, compromise, disclosure, misconfiguration or misuse the Licensed Products or Cloud Service for which the Customer will be responsible for all costs of investigation, response and other cooperation requested and provided to the Customer as a Professional Service. ORGiD will reasonably cooperate with the Customer to comply with its obligations under Applicable Law about responding to a Security Incident.

7.8.3 ORGiD's obligation to report or respond to a Security Incident under this Section is not an acknowledgement by ORGiD of any fault or liability concerning the Security Incident. The Customer must notify ORGiD promptly about any possible misuse of its accounts or authentication credentials or any security incident related to its use of the Cloud Service. ORGiD is not liable for any losses, damages or improper processing of Customer Data resulting from this. The Customer shall be liable to ORGiD for any losses, damages or costs incurred due to a Security Incident solely resulting from the Customer, its Members and Representatives' actions, inactions, instructions, compromise, disclosure, misconfiguration or misuse of the Licensed Products.

7.8.4 ORGiD will cooperate in any reasonable investigation of a Security Incident by the Customer if required by Law.

8. Limitations of Liability

8.1 Disclaimer: General Cap. IN NO EVENT WILL (a) EITHER PARTY BE LIABLE FOR ANY INDIRECT, SPECIAL, PUNITIVE, INCIDENTAL OR CONSEQUENTIAL DAMAGES, INCLUDING BUT NOT LIMITED TO COSTS OF REPLACEMENT GOODS OR SERVICES, ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, AND (b) SUBJECT TO SECTIONS 8.2, 8.3 AND 8.4, NEITHER PARTY'S AGGREGATE LIABILITY UNDER THIS AGREEMENT, WHETHER SUCH DAMAGES ARE BASED IN CONTRACT, TORT OR OTHER LEGAL THEORY, SHALL EXCEED THE FEES AND OTHER AMOUNTS PAID AND REQUIRED TO BE PAID UNDER THIS AGREEMENT IN THE 12 MONTHS PRECEDING THE EVENT GIVING RISE TO THE DAMAGES.

8.2 Exception for Willful Misconduct or Fraud. NOTHING IN THIS AGREEMENT LIMITS ANY LIABILITY FOR WILLFUL MISCONDUCT OR FOR ANY LIABILITY WHICH CANNOT LEGALLY BE LIMITED, INCLUDING BUT NOT LIMITED TO LIABILITY FOR (A) DEATH OR PERSONAL INJURY CAUSED BY NEGLIGENCE; (B) FRAUD, FRAUDULENT MISREPRESENTATION.

8.3 Exception for Certain Liabilities. THE AGGREGATE LIMITATIONS ON LIABILITY SET FORTH IN SECTIONS 8.1(b) WILL NOT APPLY TO THE OBLIGATIONS OF ORGiD UNDER SECTION 9.1 OR THE OBLIGATIONS OF THE CUSTOMER UNDER SECTION 9.2, AND EITHER PARTY'S OBLIGATIONS UNDER SECTION 6, SECTION 7.6, and SECTION 7.8.

8.4 Special Cap for Security Breach.

8.4.1 THE AGGREGATE LIMITATIONS ON LIABILITY SET FORTH IN SECTIONS 8.1 (b) WILL NOT APPLY TO, AND INSTEAD, SECTION 8.4.2 WILL APPLY TO THE CUSTOMER'S OUT-OF-POCKET, REASONABLE AND DOCUMENTED COSTS OF INVESTIGATION, NOTIFICATION, REMEDIATION AND MITIGATION SPECIFIED IN SECTION 9.5 DUE TO A SECURITY INCIDENT RESULTING SOLELY FROM BREACH OF ORGiD'S OBLIGATIONS UNDER THIS AGREEMENT OR A VIOLATION BY ORGiD OF DATA PROTECTION LAWS ABSENT THE INSTRUCTION OF THE CUSTOMER.

8.4.2 ORGiD'S AGGREGATE LIABILITY UNDER SECTION 8.4.1 ABOVE, WHETHER SUCH DAMAGES ARE BASED IN CONTRACT, TORT OR OTHER LEGAL THEORY, WILL NOT EXCEED (IN LIEU OF AND NOT IN ADDITION TO THE AMOUNT SET FORTH IN SECTION 8.1) THREE TIMES THE FEES PAID UNDER THIS AGREEMENT IN THE 12 MONTHS PRECEDING THE EVENT GIVING RISE TO THE DAMAGES.

9. Indemnification

9.1 ORGiD Indemnity. ORGiD will, at its expense, indemnify, defend and hold harmless the Customer and its Members and their respective officers, directors, employees, agents and Representatives (collectively "Customer Indemnified Parties") from and against any claims, actions, proceedings and suits brought by a third party (including government investigations), ("Claims") to the extent arising out of or alleging of any of the following: (a) infringement, misappropriation or violation of any Proprietary Rights by the Licensed Product by the Customer which ORGiD permitted to be used by the Customer under this Agreement; and (b) any unauthorised access, use or disclosure of Customer Data resulting solely from breach of ORGiD's obligations under this Agreement (save to the extent such breach is caused by an act or omission of the Customer) or (c) a willful violation by ORGiD of Data Protection Laws absent the instruction by the Customer. Without limitation to the foregoing, ORGiD will pay all damages and amounts finally awarded by a court of competent jurisdiction or agreed upon in settlement (as outlined in Section 9.3 below) and any government fines and penalties assessed against the Customer in any such Claims.

9.2 Customer Indemnity. The Customer will, at its expense, indemnify, defend and hold harmless ORGiD and its Members and their respective officers, directors, employees, agents and Representatives (collectively "ORGiD Indemnified Parties") from and against any reasonable Claims to the extent arising out of or alleging of any of the following: (a) infringement, misappropriation or violation of any Proprietary Rights by Service which the Customer permitted to be used by ORGiD under this Agreement; and (b) any unauthorised or unlawful receipt, processing, transmission or storage of Customer Data by ORGiD in the performance of its obligations as permitted under this Agreement resulting from breach of the Customer's obligations under Section 7.2.2, Section 7.6.2 or Section 5.5(save to the extent an act or omission of ORGiD causes such breach). The Customer will pay all costs, damages and amounts finally awarded by a court of competent jurisdiction or agreed upon in settlement (as outlined in Section 9.3 below) and any government fines and penalties assessed against ORGiD in any such Claims.

9.3 Process. Each Party seeking indemnification under this Section 9 (each, an "Indemnified Party" and collectively, the "Indemnified Parties") will give the other Party (the "Indemnifying Party") prompt notice of each Claim for which it seeks indemnification, provided that failure or delay in providing such notice will not release the Indemnifying Party from any obligations hereunder except to the extent that the Indemnifying Party is prejudiced by such failure. The Indemnified Parties will give the Indemnifying Party their reasonable cooperation in the defense of each Claim for which indemnity is sought, at its request and expense. The Indemnifying Party will inform the Indemnified Parties of the status of each Claim. An Indemnified Party may participate in the defense of a Claim at its own expense. The Indemnifying Party will control the defence or settlement of the Claim, provided that the Indemnifying Party, without the Indemnified Parties' prior written consent, will not enter into any settlement that (i) includes any admission of guilt or wrongdoing by any Indemnified Party; (ii) imposes any financial obligations on any Indemnified Party that Indemnified Party is not obligated to pay under this Section 9; (iii) imposes any non-monetary obligations on any Indemnified Party; and (iv) does not include a complete and unconditional release of any Indemnified Parties. The Indemnifying Party will ensure that any settlement it enters for any Claim is confidential, except where not permitted by Applicable Law.

9.4 Infringement Remedy. In addition to ORGiD's obligations under Section 9.1, if the Product or other Licensed Product is held, or in ORGiD's opinion is likely to be held, to infringe, misappropriate or violate any Proprietary Rights, or, if based on any claimed infringement, misappropriation or violation of Proprietary Rights, an injunction is obtained, or in ORGiD's opinion an injunction is likely to be obtained, that would prohibit or interfere with the Customer's use of the Licensed Product under this Agreement, then ORGiD will at its option and expense either: (a) procure for the Customer the right to continue using the affected Licensed Product in accordance with the license granted under this Agreement; or (b) modify or replace the affected Licensed Product so that the modified or replacement Licensed Product are reasonably comparable in functionality, interoperability with other software and systems, and levels of security and performance and do not infringe, misappropriate or violate any third-party Proprietary Rights. If, in such circumstances, ORGiD cannot accomplish any of the foregoing actions on a commercially reasonable basis, ORGiD will notify the Customer, and either Party may terminate the Subscription and this Agreement, in which case ORGiD will refund to the Customer any fees prepaid to ORGiD by the Customer prorated for the unused portion of the Subscription. For clarity, ORGiD's indemnification and defence obligations under this Section include infringement Claims based on the use of the Licensed Product by Customer Indemnified Parties following an initial infringement Claim, except that if ORGiD responds to an infringement Claim by accomplishing the solution in (b), ORGiD will have no obligation to defend and indemnify the Customer for infringement Claims arising from the Customer's use after giving notice to the Customer of the accomplishment of (b) of the infringing Licensed Product for which ORGiD provided modified or replacement Licensed Product and a reasonable time to implement the modified or replacement Licensed Product.

9.5 Security Breach Remedy. In addition to ORGiD's obligations under Section 9.1, in the event of any Security Incident resulting solely from breach of ORGiD's obligations under this Agreement or the violation by ORGiD of Data Protection Laws absent the instruction by the Customer, ORGiD will pay the applicable government fines and penalties and other reasonable and documented out-of-pocket costs directly incurred by the Customer, for (a) investigating and responding to the Security Incident; (b) providing notification to affected individuals, applicable government and relevant industry regulatory agencies required by Law; (c) providing credit monitoring and/or identity theft services to affected individuals required by Law; and (d) applicable mitigation or remediation costs required by regulatory agencies to be undertaken within the Licensed Product as the result of such Security Incident.

9.6 Limitations.

9.6.1 ORGiD will have no liability or obligation under this Section 9 concerning any infringement Claim to the extent solely attributable to any: (a) modifications to the Licensed Product not performed or on behalf of ORGiD or its Personnel; (b) use of the Product by the Customer in combination with third-party products, services, equipment, content, code, or software not provided by ORGiD at the instruction of the Customer where the alleged violation, infringement or misappropriation would not have occurred but solely for such combination at the instruction of the Customer; (c) use of the Licensed Product by the Customer in breach of this Agreement; or (d) acts or omissions of the indemnified Party, including willful patent infringement.

9.6.2 The Customer will have no liability or obligation under this Section 9 concerning any infringement Claim to the extent solely attributable to any: (a) modifications to the Customer Materials or Customer Data not provided or authorised by the Customer or its Personnel; or (b) use of the Customer Materials or Customer Data by ORGiD that is not permitted under this Agreement.

9.6.3 This Section 9 states the entire liability of ORGiD concerning infringement, misappropriation or violation of Proprietary Rights of third parties by any Licensed Product or any part thereof or by any use thereof by the Customer, and this Section 9 states the entire liability of the Customer concerning infringement, misappropriation or violation of Proprietary Rights of third parties by any Customer Materials, Customer Data or any part thereof or by any use, receipt, storage or processing thereof by ORGiD.

10. Term and Termination

10.1 Term. This Agreement will start on the Subscription Start Date of each Customer Subscription and continue in full force and effect until the Customer Subscription has ended(the "Initial Term") unless terminated earlier by either Party as provided in this Agreement. This Agreement will renew for additional renewal Terms (the "Renewal Term") with each Customer Subscription renewal unless one Party gives notice of non-renewal to the other Party subject to the terms herein.

10.2 Termination for cause. Either Party may terminate this Agreement if the other Party (a) fails to cure a material breach of the Agreement within 30 days after receiving notice of the breach; (b) materially breaches the Agreement in a manner that cannot be cured; (c) dissolves or stops conducting business without a successor; (d) makes an assignment for the benefit of creditors; or (e) becomes the debtor in insolvency, receivership, or bankruptcy proceedings that continue for more than 60 days. In addition, either Party may terminate an affected Subscription if a Force Majeure Event prevents the Product from materially operating for 30 or more consecutive days, and ORGiD will pay the Customer a prorated refund of prepaid fees for the remainder of the Term. A party must notify the other of its reason for termination. Termination by ORGiD under this Section does not prejudice the Customer's right and ORGiD's obligation to extract or assist with retrieving or deleting Customer Data as outlined in Section 10.3.2 following such termination.

10.3 Effect of Termination.

10.3.1 Upon termination or expiration of a Subscription, subject to section 10.1, the Customer's right to use the Product licensed under such Subscription will terminate, and the Customer's access to the Product and Services provided under such Subscription may be disabled. Termination or expiration of any Subscription purchased by the Customer from ORGiD will not terminate or modify any other Subscription purchased by the Customer from ORGiD. Upon termination of this Agreement, all the Customer's Subscriptions under this Agreement will immediately terminate.

10.3.2 The Customer shall extract or request ORGiD to extract all Customer Data made available in the Cloud Service before the termination or expiration of any Subscription to Licensed Product subject to Section 7.2.4. Within 30 days following the termination or expiration of any Subscription to Licensed Product on the Customer's written request for Professional Services, ORGiD will extract and return copies of all Customer Data remaining in the Cloud Service for the Customer. ORGiD will assist the Customer, as reasonably requested by the Customer, in validating whether the retrieval or deletion was successful. Customer Data shall be provided in a standard non-proprietary CSV formatted file. Following delivery to the Customer of the Customer Data and the Customer's confirmation thereof, or the Customer's retrieval or deletion of Customer Data and ORGiD's validation thereof or expiration of the applicable period, whichever is soonest, ORGiD may, and within 30 days thereafter will, permanently delete and remove Customer Data (if any) and will, upon the Customer's request, certify to such deletion and removal to the Customer in writing through email. If ORGiD cannot delete any portion of the Customer Data or Customer Confidential Information, it will remain subject to the confidentiality, privacy and data security terms of this Agreement. ORGiD shall not use it for any purpose whatsoever.

10.3.3 Sections 4 (Proprietary Rights), 6 (Confidentiality), 7.2.1 (Customer Data and Customer Materials), 8 (Limitations of Liability), 9 (Indemnification), 10.3 (Effect of Termination), 11 (Insurance), 12.3(Tax), 13(General) and 14 (Definitions), together with all other provisions of this Agreement that may reasonably be interpreted or construed as surviving expiration or termination, will survive the expiration or termination of this Agreement for any reason. However, the non-use and non-disclosure obligations of Section 6 will expire five years following the expiration or termination of this Agreement, except concerning and for as long as any Confidential Information constitutes a trade secret.

10.3.4 ORGiD will submit invoices for all known outstanding Fees accrued upon termination and any Fees which may accrue thereafter under 10.2 or 10.3 (as applicable and under Section 12 (Payment & Taxes).

10.3.5 Each Party as Recipient will return or destroy Discloser's Confidential Information in its possession or control.

10.3.6 Unless this Agreement is terminated for cause, the Customer shall transition to a replacement provider of similar services before the termination or expiration of this Agreement. Upon termination or expiration of the Agreement for cause, ORGiD shall offer the Customer its Professional Services, at the Customer's request, to support the migration to a replacement provider (of services similar to the Services) to the extent such support does not disclose and/or transfer any Proprietary Information or Confidential Information of ORGiD.

11. Insurance

11.1 Coverages. ORGiD will, at its own cost and expense, obtain and maintain the following insurance coverage during the Term of this Agreement and for one year after:

11.1.1 Commercial General Liability insurance, including all significant coverage categories, including premises-operations, property damage, products/completed operations, contractual liability, personal and advertising injury with limits of at least $1,000,000 per occurrence and $2,000,000 in general annual aggregate, and $4,000,000 products/completed operations annual aggregate;

11.1.2 Professional Liability insurance, in an amount of at least $2,000,000 per occurrence covering liabilities for financial loss resulting or arising from actual or alleged acts, errors or omissions by ORGiD including its Personnel in rendering Services in connection with this Agreement including actual or alleged acts, errors or omissions in rendering computer or information technology Services, proprietary rights  (excluding Patent infringement), data damage/destruction/corruption, failure to protect privacy, unauthorised access, unauthorised use, virus, and

11.1.3 Cyber Liability or Technology Errors and Omissions, with limits of at least $1,000,000 each Claim and $2,000,000 in the annual aggregate, providing for protection against liability for: (a) system attacks; (b) denial or loss of service attacks; (c) spread of malicious software code; (d) unauthorised access and use of computer systems; (e) liability arising from loss or disclosure of personal or corporate confidential data; (f) cyber extortion; (g) breach response and management coverage; (h) business interruption; (i) invasion of privacy; and (j) defence of any regulatory action involving a breach of Data Protection Law.

12. Payment and Taxes

12.1 Fees and Invoices. Unless otherwise noted, all Fees are quoted in United States Dollars and are exclusive of taxes. Except as detailed in this Agreement, Fees are non-refundable. ORGiD will send invoices for Fees applicable to the Product Subscription and related usage once per Invoice Period in advance starting on the Subscription Start Date. Any Fees or credits incurred after sending each invoice will be included in the next invoice. Professional Services invoices may be sent separately during the performance of the Professional Services. Invoices will be emailed to the billing contact information supplied during Product registration and can be updated from time to time by the Customer.

12.2 Payment. Unless otherwise noted, the Customer will pay ORGiD the Fees and any applicable taxes in each invoice in the currency quoted. If no currency is defined, the currency shall be United States Dollars. If ORGiD is provided credit card information to make Payments for Fees incurred by the Customer, the Customer authorises ORGiD to charge the credit card for undisputed Fees as they are invoiced. If the Customer pays by ACH or international wire, the Customer is responsible for paying the wire transfer fees or currency conversion fees.

12.3 Taxes. The Customer and ORGiD are each responsible for taxes on their income and employees; the Customer is responsible for paying all sales, use, GST, VAT, or other taxes associated with their Subscription. If ORGiD has the legal obligation to pay or collect Taxes to which the Customer is subject, ORGiD will invoice the Customer, and the Customer will pay the invoice tax amount unless a valid tax exemption certificate authorised by the appropriate taxing authority is provided.

12.4. Pricing Changes. Pricing under this Agreement is subject to change upon each Renewal Term with thirty (30) days advance written notice to the Customer. Any pricing marked "Subject to change" in an applicable Quote or Order Form is subject to change at any time with thirty (30) days advance written notice. Should such changes be unacceptable to the Customer after receiving written notice from ORGiD, the Customer may terminate the affected Subscription subject to the terms of this Agreement. Upon such termination, ORGiD will refund the applicable Fees prepaid to ORGiD, prorated for the portion of the Subscription unused until the termination date.

12.5 Payment Dispute. If the Customer has a good-faith disagreement about the amounts charged on an invoice, the Customer must notify ORGiD about the dispute during the invoice's Payment Period and pay all undisputed amounts on time. The Parties will work together to resolve the dispute within 15 days after the end of the Payment Period. If no resolution is agreed upon, each Party may pursue any remedies available under the Agreement or Applicable Laws.

13. General

13.1 Applicable Law. This Agreement and any dispute or Claim arising out of or in connection with it or its subject matter or formation (including non-contractual disputes or claims) will be governed by and interpreted according to the laws of the Commonwealth of Australia. Each Party irrevocably agrees that any legal action or proceeding relating to this Agreement will be instituted solely in the state and federal courts in Brisbane, Queensland, Australia. Each Party irrevocably agrees to the jurisdiction of such courts, and each Party waives any objection that it may have to lay the venue of any such action or proceeding in the manner provided in this Section. The Parties agree that the United Nations Convention on Contracts for the International Sale of Goods does not apply to this Agreement.

13.2 Assignment. Neither Party may assign or transfer this Agreement or any rights or delegate any duties herein without the prior written consent of the other Party, which will not be reasonably withheld, delayed or conditioned. Notwithstanding the foregoing, and without gaining the other Party's written consent, ORGiD may assign this Agreement, in its entirety, and delegate its obligations to its Members or to any entity acquiring all or substantially all of the assets related to the Licensed Product whether, by the sale of assets, sale of stock, merger or otherwise and the Customer may assign this Agreement, in its entirety, to any Members or entity acquiring all or substantially all of its assets related to the Customer's account or the Customer's entire business, whether by the sale of assets, sale of stock, merger or otherwise. Any attempted assignment, transfer or delegation in contravention of this Section will be null and void. This Agreement will inure to the benefit of the Parties hereto and their permitted successors and assigns.

13.3 Entire Agreement. This Agreement constitutes the entire Agreement between the Parties relating to the subject matter hereof, and there are no other representations, understandings or agreements between the Parties relating to the subject matter hereof. This Agreement is solely between the Customer and ORGiD. The terms and conditions of this Agreement will not be changed, amended, modified or waived during each Term unless such change, amendment, modification or waiver is in writing and signed by authorised representatives of the Parties. NEITHER PARTY WILL BE BOUND BY, AND EACH SPECIFICALLY OBJECTS TO, ANY PROVISION THAT IS DIFFERENT FROM OR IN ADDITION TO THIS AGREEMENT (WHETHER PROFFERED ORALLY OR IN ANY QUOTATION, PURCHASE ORDER, INVOICE, SHIPPING DOCUMENT, ONLINE TERMS AND CONDITIONS, ACCEPTANCE, CONFIRMATION, CORRESPONDENCE, OR OTHERWISE), UNLESS SUCH PROVISION IS SPECIFICALLY AGREED TO IN WRITING SIGNED BY BOTH PARTIES.

13.4 Export Laws. Each Party will comply with all applicable customs and export control laws and regulations of Australia, Singapore, the United States of America, and/or such other country, in the case of the Customer, where the Customer or its Users use the Product or Services, and in the case of ORGiD, where ORGiD provides the Product or Services. Neither Party will export, re-export, ship, or otherwise transfer the Licensed Product, Services or Customer Data to any country subject to an embargo or other sanction by Australia, Singapore, the United States of America, or other applicable jurisdiction.

13.5 Force Majeure. Neither Party will be liable hereunder for any failure or delay in the performance of its obligations in whole or in part on account of riots, fire, flood, earthquake, explosion, epidemics, war, strike or labour disputes (not involving the Party claiming force majeure), embargo, civil or military authority, act of God, governmental action or other causes beyond its reasonable control and without the fault or negligence of such Party or its Personnel and such failure or delay could not have been prevented or circumvented by the non-performing Party through the use of alternate sourcing, workaround plans or other reasonable precautions (a "Force Majeure Event"). If a Force Majeure Event continues for more than 30 days for any Subscription, the Customer may cancel the unperformed portion of the Subscription and receive a pro-rata refund of any fees prepaid by the Customer to ORGiD for such unperformed portion.

13.6 Government Rights. The Product is a "commercial item" deemed "commercial computer software". Any use, modification, reproduction, release, performance, display or discourse of such commercial software or commercial software documentation by a state entity will be governed solely by the terms of this Agreement. It will be prohibited except to the extent expressly permitted by the terms of this Agreement.

13.7 Headings. The headings throughout this Agreement are for reference purposes only, and the words contained therein will in no way be held to explain, modify, amplify or aid in the interpretation, construction or meaning of the provisions of this Agreement.

13.8 No Third-Party Beneficiaries. Except as specified in Section 9 concerning Customer Indemnified Parties and ORGiD Indemnified Parties, nothing express or implied in this Agreement is intended to confer, nor will anything herein confer, upon any person other than the Parties and the respective successors or assigns of the Parties, any rights, remedies, obligations or liabilities whatsoever.

13.9 Notices. To be effective, notice under this Agreement must be given in writing. Each Party consents to receiving electronic communications and notifications from the other Party in connection with this Agreement. Each Party agrees that it may receive notices from the other Party regarding this Agreement: (a) by email to the email address designated by such Party as a notice address for the Agreement; (b) by personal delivery; (c) by registered or certified mail, return receipt requested; or (d) by nationally recognised courier service. Any notice shall be deemed to have been received: (a) if sent by email, at the time of transmission, or, if this time falls outside of Business Hours, when Business Hours resume; (b) if delivered by personal delivery, at the time the notice is left at the proper address; (c) if sent by registered or certified mail, return receipt requested, at 10.00 am on the second Business Day after posting. This clause does not apply to the Service of any proceedings or other documents in any legal action or, where applicable, any arbitration or other method of dispute resolution.

13.10 Non-waiver. Any failure or delay by either Party to exercise or partially exercise any right, power or privilege under this Agreement will not be deemed a waiver of any such right, power or privilege under this Agreement. No waiver by either Party of a breach of any term, provision or condition of this Agreement by the other Party will constitute a waiver of any succeeding breach of the same or any other provision hereof. No such waiver will be valid unless executed in writing by the Party making the waiver.

13.11 Publicity. Neither Party will issue any publicity materials or press releases that refer to the other Party or its Members, or use any trade name, trademark, service mark or logo of the other Party or its Members in any advertising, promotions or otherwise, without the other Party's prior written consent.

13.12 Relationship of Parties. The relationship of the Parties will be that of independent contractors, and nothing contained in this Agreement will create or imply an agency relationship between the Customer and ORGiD, nor will this Agreement be deemed to constitute a joint venture or partnership or the relationship of employer and employee between the Customer and ORGiD. Each Party assumes sole and complete responsibility for its acts and the acts of its Personnel. Neither Party will have the authority to make commitments or enter into contracts on behalf of, bind, or otherwise oblige the other Party.

13.13 Severability. If any term or condition of this Agreement is to any extent held invalid or unenforceable by a court of competent jurisdiction, the remainder of this Agreement will not be affected thereby, and each Term and condition will be valid and enforceable to the fullest extent permitted by Law.

13.14 Subcontracting. ORGiD may use Subcontractors in its performance under this Agreement, provided that: (a) ORGiD remains responsible for all its duties and obligations hereunder and the use of any Subcontractor will not relieve or reduce any liability of ORGiD or cause any loss of warranty under this Agreement; (b) ORGiD agrees to be directly liable for any act or omission by such SubcontractorSubcontractor to the same degree as if the act or omission were performed by ORGiD such that a breach by a Subcontractor of the provisions of this Agreement will be deemed to be a breach by ORGiD. The performance of any act or omission under this Agreement by a Subcontractor for, by or through ORGiD will be deemed the act or omission of ORGiD. Upon request, ORGiD will identify to the Customer any Subcontractors who have access to Customer Data performing under this Agreement and any other information reasonably requested by the Customer about such subcontracting. The Customer shall have the right to have removed from the provision of the Licensed Product hereunder, any of ORGiD's SubcontractorSubcontractor who has access to Customer Data subject to the Customer providing ORGiD reasonable advance notice in writing (email to suffice) and agreeing to prepay ORGiD any costs associated with finding, supporting and maintaining an acceptable replacement.

13.15 Counterparts. This Agreement may be executed in any number of counterparts and by the parties hereto in separate counterparts, each of which, when so executed, shall be deemed to be an original and all of which, taken together, shall constitute one and the same Agreement. Executed signature pages of this Agreement sent by facsimile or transmitted electronically in Portable Document Format (PDF), or signature pages executed and transmitted electronically via digital signature, shall be treated as originals, fully binding and with full legal force and effect. The Parties waive any rights they may have to object to such treatment, provided that this treatment shall be without prejudice to the obligation of the parties to exchange original counterparts as quickly as practicable after execution of this Agreement if requested by either Party. This Agreement will become effective as of the date when all parties have signed and dated it.

14. Definitions

14.1 "Member" means, concerning any entity, any other entity that controls, is controlled by, or is under common control with such entity. The terms "controls," "controlled by," and "under common control with" mean the ownership of at least fifty per cent (50%) of the equity or beneficial interests of the entity or the right to vote for or appoint a majority of the board of directors or other governing body of such entity, and any other entity concerning which the Customer or any of its Members has management or operational responsibility (even though the Customer or such Member may own less than fifty per cent (50%) of the equity of such entity).

14.2 "Applicable Laws" means all applicable international, national, state and local laws, ordinances, rules, regulations and orders, as amended from time to time.

14.3 "Cloud Provider" means the Google Cloud Platform ("GCP") local entity in each Cloud Provider Region operated by GCP.

14.4 "Cloud Provider Region" means the name defined by the Cloud Provider representing the geographic region and/or country where their data centre is located.

14.5 "Business Hours" means the hours of 9:30 am to 6:00 pm on any Business day in Brisbane, Queensland, Australia.

14.6 "Business Day" means banks are open for business, not a Saturday or a Sunday.

14.7 "Customer Data" means all data, records, files, Information or content, including text, sound, video, and images, that is (a) input or uploaded by the Customer or its Users to or collected, received, transmitted, processed, or stored by the Customer or its Users using the Product or Cloud Service in connection with this Agreement including Personal Data, or (b) provided by the Customer to ORGiD in connection with this Agreement through a means other than using the Product or Cloud Service (whether stored within the Licensed Product or elsewhere), or (c) generated or derived from (a) or (b).

14.8 "Customer Materials" means any property, items or materials and any Proprietary Rights therein, including Customer Data, furnished by the Customer to ORGiD for ORGiD's use in performing its obligations under this Agreement.

14.9 "Cloud Service" means access and use of the Product, or a component of a Product, as deployed and hosted in ORGiD's Computing Environment, and any software and other technology provided or made accessible by ORGiD in connection therewith (and not as a separate product or Service) that the Customer is required or has the option to use to access and use the Product.

14.10 "Contractor" means any third-party contractor of the Customer or other third Party performing services for the Customer, including outsourcing suppliers.

14.11 "Computing Environment" means the computing infrastructure and systems that provide the Product via Cloud Service.

14.12 "Controller" means the entity that determines the purposes and means of processing Personal Data. "Controller" includes equivalent terms in other Data Protection Laws, such as the CCPA-defined term "Business" or "Third Party," as the context requires.

14.13 "Data Protection Law" means all data protection and privacy laws applicable to the processing of Personal Data under the Agreement, including The Privacy Act 1988 ("Australian Privacy Act"), Personal Data Protection Act ("Singapore PDPA"), Regulation 2016/679 (General Data Protection Regulation) ("GDPR"), the European Union (Withdrawal) Act 2018 and the Data Protection Act 2018 in the UK ("UK GDPR") and the Brazilian General Data Protection Law (Lei Geral de Proteção de Dados Pessoais) ("LGPD") and Cal. Civ. Code 1798.100 et seq. (California Consumer Privacy Act) ("CCPA").

14.14 "Documentation" means the user guides, manuals, instructions, specifications, notes, Documentation, printed updates, "read-me" files, release notes and other materials related to the Product, its use, operation or maintenance, together with all enhancements, modifications, derivative works, and amendments to those documents, that ORGiD provides under this Agreement.

14.15 "Fees" means the Product and the Cloud Service price.

14.16 "International Data Transfer Mechanism" means the special protections that some jurisdictions require two or more parties that transfer Information across international borders to adopt to make the transfer lawful. "Transfer," in the context of an International Data Transfer Mechanism, means to disclose or move personal data from a storage location in one jurisdiction to another, or to permit a party in one jurisdiction to access Personal Data that the other party stores in another jurisdiction that requires an International Data Transfer Mechanism.

14.17 "Licensed Product" means the Product, Documentation and any other items, materials or deliverables that ORGiD provides or is obligated to provide as part of a Subscription.

14.18 "Personal Data" means information the Customer Data that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a data subject. "Personal Data" includes equivalent terms in other Data Protection Laws, such as the CCPA-defined term "Personal Information," as the context requires, to the extent such information forms part of Customer Data.

14.19 "Personal Data Breach" means a confirmed breach of security of the Services that caused accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Data, or an event that qualifies as a reportable data breach under Applicable Law.

14.20 "Personnel" means a Party or its Members, directors, officers, employees, non-employee workers, agents, auditors, consultants, contractors, subcontractors and any other person performing services on behalf of such Party (but excludes the other Party and any of the foregoing of the other Party).

14.21 "Privacy and Security Terms" means Section 7.5, the attached Data Processing Addendum (if applicable), and any other terms and conditions regarding the privacy and security of data agreed upon by the parties that are a part of this Agreement, whether in an addendum or amendment to this Agreement.

14.22 "Product Addendum" means describing Product and other product information offered by ORGiD, including Support Services and policies and procedures incorporated or referenced in the product information.

14.23 "Processor" means an entity that processes personal data on behalf of another entity. As the context requires, "Processor" includes equivalent terms in other Data Protection Laws, such as the CCPA-defined term "ORGiD. "

14.24 "Product" means the computer software and any associated data, content and/or services that ORGiD provides or is obligated to provide as part of a Subscription, including any patches, bug fixes, corrections, remediation of security vulnerabilities, updates, upgrades, modifications, enhancements, derivative works, new releases and new versions of the foregoing that ORGiD provides, or is obligated to provide, as part of the Subscription.

14.25 "Proprietary Rights" means all intellectual property and proprietary rights throughout the world, whether now known or hereinafter discovered or invented (together with any renewals, extensions or revivals, including, without limitation, all: (a) patents and patent applications; (b) copyrights, neighbouring rights and mask work rights; (c) trade secrets; (d) trademarks, trade names, service marks and logos; (e) rights in data and databases; (f) registered designs or unregistered design rights in the UK; and (g) analogous rights throughout the world.

14.26 "Sensitive Data" means the following types and categories of data: data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership; genetic data; biometric data; data concerning health, including protected health information; data concerning a natural person's sex life or sexual orientation; government identification numbers; payment card information; non-public personal Information; an unencrypted identifier in combination with a password or other access code that would permit access to a data subject's account; and precise geo-location.

14.27 "Services" means all services and tasks that ORGiD provides or is obligated to provide under this Agreement, including, without limitation, the Cloud Services and the Support Services.

14.28 "Subcontractor" means any third-party subcontractor or other third Party to whom ORGiD delegates any of its duties and obligations under this Agreement.

14.29 "Sub-processors" means third parties authorised under this Agreement to access and process Personal Data to provide parts of the Business Services.

14.30 "Subscription" means a Product subscription for specific features, integrations, usage pricing, and use capacity purchased by the Customer and fulfilled by ORGiD for the licensing and provision of the Product provided as a Cloud Service in ORGiD's Computing Environment.

14.31 "Support Services" means the support and maintenance services for the Product that ORGiD provides.

14.32 "System Data" means data and data elements (other than Customer Data) collected by the Product, Cloud Service or the Computer Environment of ORGiD regarding configuration, environment, usage, performance, vulnerabilities and security of the Product or Cloud Service that may be used to generate logs, statistics and reports regarding performance, availability, integrity and security of the Product or Cloud Service.

14.33 "Third Party Services" means any third-party products, platforms, services, equipment, content, code, or software used with a Licensed Product.

14.34 "User" means any person or software program or computer systems authorised by the Customer or any of its Members to access and use the Product as permitted under this Agreement, including Contractors of the Customer or its Members.